Security Directory

K

Kampus Hybernská

kampushybernska.cz

59

Kampus Hybernská is a cultural and educational hub located in Prague, focusing on fostering creativity, innovation, and academic collaboration. The website showcases a variety of events including lectures, performances, exhibitions, and workshops aimed at students, artists, researchers, and the general public. The platform is supported by partnerships with the Prague city government and Charles University, enhancing its credibility and community impact. Technically, the site is built on Webflow with modern JavaScript libraries and includes analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is strong with HTTPS and security headers in place, complemented by GDPR-compliant privacy and cookie policies. However, the absence of WHOIS data limits domain trust verification. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for a medium-sized educational and cultural institution.

H

HESTIA

hest.cz

45

HESTIA is a Czech non-profit organization established in 2001, specializing in volunteer services, coordination, and educational programs. The website presents a well-structured platform offering multiple volunteer programs, corporate volunteering initiatives, and training courses. It targets volunteers, non-profit organizations, companies interested in corporate social responsibility, donors, and media. The organization maintains partnerships with government bodies and foundations, enhancing its credibility and market position within the Czech Republic's volunteer sector. Technically, the website uses a custom CMS (Toolkit) hosted by ECN Studio, with integration of Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized with good navigation and content quality. However, some technical improvements are recommended, including the implementation of security headers and enhanced accessibility features. From a security perspective, the site uses HTTPS (implied by external Google Analytics scripts loaded over HTTPS), has a cookie consent mechanism compliant with GDPR, and does not expose sensitive data. There is no visible security or incident response policy, and no contact emails or phone numbers are provided on the homepage, which could be improved for transparency and user trust. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and providing clearer contact information to improve user confidence and compliance posture.

C

CANS Global

cans.com

62

CANS Global is a small Czech Republic-based e-commerce company specializing in natural sparkling alpine water with real fruit juice. The company emphasizes purity and natural ingredients, targeting general consumers interested in healthy beverage options. The website is built on the Shopify platform, leveraging modern web technologies and analytics tools such as Google Analytics and Microsoft Clarity. The site is well-designed, mobile-optimized, and provides a good user experience, although it lacks some standard compliance documents such as privacy policy and terms of service. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and publishing security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

E

ekolo.cz s.r.o.

ekolo.cz

47

Ekolo.cz s.r.o. operates a leading Czech e-commerce and physical retail platform specializing in electric bicycles and related accessories. Established in 2007, the company has built a strong market position with over 18 years of experience, offering a wide range of products including over 700 e-bike variants from 16 manufacturers. Their services include sales, rental, and servicing of e-bikes, targeting cycling enthusiasts and urban commuters primarily in the Czech Republic. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive product information. Technically, the site leverages modern JavaScript libraries such as Swiper.js, Google Tag Manager, and integrates security features like Google reCAPTCHA to protect user interactions. Hosting is inferred to be on DigitalOcean with CDN support for performance. Security posture is strong with HTTPS enforced and secure form handling, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. Contact information is transparent and includes multiple channels. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

3

Pizza your way | 360 Pizza

360pizza.com

68

360 Pizza operates an e-commerce platform focused on pizza ordering and courier shipping services. The website presents a modern, visually consistent brand with a focus on user experience and mobile optimization. The business appears to be established since 2005, with a domain age supporting its longevity. The technical infrastructure leverages modern web technologies including React with Next.js, Mapbox for mapping, and multiple analytics platforms such as Google Analytics, TikTok, Facebook, and Smartlook. Cookie consent is managed via Cookiebot, indicating some level of privacy compliance awareness. However, explicit privacy policies, terms of service, and contact information are not found on the analyzed page, which may impact user trust and regulatory compliance. Security posture is generally good with HTTPS enforced and domain transfer protection enabled, but DNSSEC is not enabled, and security headers beyond domain status are not explicitly identified. Overall, the website is functional and professional but could improve transparency and compliance documentation.

B

Bageterie Boulevard

bb.cz

58

Bageterie Boulevard is a well-established fast casual gourmet sandwich and food service chain primarily operating in the Czech Republic with some presence in Slovakia. The company offers a variety of freshly prepared sandwiches and related products, emphasizing quality and speed. Their business model includes physical retail locations, online ordering platforms, catering services, and franchise opportunities. The website reflects a mature digital presence with multiple branches listed, a mobile app promotion, and loyalty programs. Technically, the site uses a mix of legacy and modern web technologies including jQuery, Google Maps API, and various marketing and analytics tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and vulnerability disclosure policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting a large retail hospitality business.

A

ANEXIA® Internetdienstleistungs GmbH

backboneeurope.com

57

Anexia Internetdienstleistungs GmbH operates Backbone Europe, a major network infrastructure project enhancing connectivity and DDoS protection across key European cities. The company provides IT services including software development, hosting, and network solutions primarily targeting enterprise customers. The website reflects a mature digital presence with modern technologies and interactive content, supporting a professional brand image. Security posture is moderate with HTTPS usage and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism visible. Overall, the site is trustworthy and business-focused, with room for improvement in security and privacy transparency.

B

Business Finland

businessfinland.fi

68

Business Finland is a Finnish government agency dedicated to fostering growth by supporting Finnish companies in internationalization and innovation funding. The website serves as an authoritative portal for Finnish businesses seeking funding and international growth opportunities. It reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. The technical infrastructure leverages modern technologies including Azure hosting, Google Tag Manager, and Cookiebot for consent management, indicating a well-maintained and secure platform. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not prominently published. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for a government entity.

A

AllSides Education Fund

allsideseducationfund.org

64

AllSides Education Fund is a nonprofit organization dedicated to strengthening democratic society by enhancing media literacy, providing balanced news access, and fostering constructive conversations across political divides. Founded in 2015 as a joint initiative of AllSides, Living Room Conversations, and the Mediators Foundation, it offers educational resources, scholarships, and grants primarily targeting educators and community leaders. The website serves as a platform to promote these services and facilitate donations and grant applications. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and GiveWP for donations, with a responsive design optimized for accessibility and SEO. Hosting is supported by Amazon AWS infrastructure, and the site employs Google Tag Manager for analytics and tracking. While the site uses HTTPS and has domain transfer protections, it lacks DNSSEC and some security headers, indicating room for security improvements. From a security perspective, the site demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response information, along with missing DNSSEC, suggests potential compliance and security gaps. Privacy policies and cookie policies are present but do not include explicit consent mechanisms, which may affect GDPR compliance. Overall, the website is professional, trustworthy, and well-aligned with its nonprofit educational mission. Strategic recommendations include enhancing DNS security, implementing security headers, and improving privacy compliance mechanisms to strengthen trust and security posture.

C

CFL multimodal

cfl-mm.lu

61

CFL multimodal is a Luxembourg-based logistics and transportation company specializing in rail freight, multimodal hubs, and comprehensive logistics services. It operates as part of the CFL Group, providing sustainable and efficient freight solutions across Europe. The website reflects a professional and well-structured digital presence with clear service offerings and a focus on environmental responsibility. Technically, the site uses modern web technologies including jQuery, Bootstrap, FontAwesome, and integrates analytics tools such as Google Tag Manager and Matomo. The security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not evident. The absence of WHOIS data limits domain trust assessment, but the overall business credibility is supported by consistent branding and social media presence. Privacy compliance is well addressed with GDPR-aligned policies and cookie management.

C

College Magazine, LLC

collegemagazine.com

65

College Magazine, LLC operates a professional online media platform focused on providing college-related content authored by students nationwide. The website offers comprehensive guides on colleges, majors, internships, career advice, and student life, positioning itself as a niche educational media outlet. The platform leverages a modern WordPress infrastructure with advanced SEO and analytics tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and privacy management tools, though explicit privacy and terms pages are missing, which should be addressed to improve compliance and trust. WHOIS data is unavailable or privacy protected, slightly impacting domain trust but not detracting from the professional presentation and content quality. Overall, the site is a credible resource for college students and prospective applicants.

I

Indiana University Bloomington

indiana.edu

68

Indiana University Bloomington is the flagship campus of the Indiana University system, offering a comprehensive higher education experience with a strong emphasis on research, innovation, and academic freedom. The website reflects a mature digital presence with professional design, clear navigation, and relevant content targeting prospective and current students. The university leverages modern web technologies including Google Tag Manager and Siteimprove Analytics to monitor and optimize user experience. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure; however, explicit security headers and privacy policies are not evident in the provided content, indicating areas for improvement. The domain is a subdomain of iu.edu, which is consistent with institutional practices, though WHOIS data for the subdomain is unavailable. Overall, the site is trustworthy, professional, and safe for general audiences.

V

vseosaunovani.cz

vseosaunovani.cz

55

The website vseosaunovani.cz is a niche informational platform focused on sauna bathing, its health benefits, traditions, and local sauna recommendations primarily targeting the Czech Republic audience. The site operates as a content and blog platform, providing articles and advice related to sauna culture and wellness. It is built on the Wix platform, leveraging Wix's CMS and hosting infrastructure, with integrations such as Google Tag Manager and Cookiebot for analytics and cookie consent management. Technically, the site demonstrates moderate performance and good mobile optimization, though accessibility and SEO could be improved. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response information. The absence of WHOIS data and privacy policy reduces trust and compliance confidence. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

S

Saunia

saunia.sk

55

Saunia operates as a regional sauna and wellness service provider primarily targeting customers seeking relaxation and health benefits through sauna experiences. The website presents a professional and consistent brand image, with content focused on promoting their sauna worlds and wellness offerings. The company appears to be established in the Czech Republic, serving a general audience interested in wellness and leisure. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Cookiebot for consent management, and various plugins for social sharing and popups. The site is mobile-optimized and includes structured data for SEO and organization information, indicating a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is supported by cookie disclosures and consent but lacks a clearly accessible privacy policy page in the provided content. Overall, the website is trustworthy and professionally maintained, with no blocking or WAF interference detected. The absence of WHOIS data limits domain registration insights but does not detract from the site's apparent legitimacy. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and adding vulnerability disclosure information to improve trust and compliance.

S

Saunia

saunia.de

52

Saunia operates as a regional wellness and sauna service provider primarily targeting customers in the Czech Republic and neighboring countries. The website presents a professional and well-structured digital presence, leveraging WordPress CMS and integrating multiple marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Cookiebot for consent management. The business focuses on delivering sauna experiences and wellness services, positioning itself as a trusted brand in the hospitality sector. However, the absence of publicly available WHOIS data and explicit privacy or terms of service pages slightly detracts from the overall trustworthiness. Technically, the site is well-optimized for mobile devices and SEO, though there is room for improvement in accessibility and security header implementation. The security posture is solid with HTTPS enforced and no visible vulnerabilities, but could benefit from enhanced transparency through published security policies and vulnerability disclosure mechanisms.

E

Eurogroup for Animals

eurogroupforanimals.org

49

Eurogroup for Animals is a pan-European non-profit advocacy organization dedicated to improving animal welfare and defending animal interests across Europe. The website serves as a platform to communicate their mission, campaigns, and policy initiatives to a broad audience including NGOs, policymakers, and the general public interested in animal welfare. The organization positions itself as a key voice in European animal advocacy with a focus on policy influence and public awareness. Technically, the website is built on Drupal 10, leveraging modern web technologies including Font Awesome for icons, Google Tag Manager for analytics, and Cookiebot for cookie consent management. The site demonstrates good digital maturity with mobile optimization, accessibility features, and a cookie consent mechanism that complies with GDPR requirements. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent with granular user controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options were not detected in the provided data, suggesting an area for improvement. No vulnerabilities or exposed sensitive data were found. The WHOIS data is unavailable or privacy protected, which is typical for non-profit organizations and does not raise immediate concerns. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it would benefit from enhanced security header implementation and clearer contact information. The risk profile is low, with no critical issues detected.

L

Langley Advance Times

langleyadvancetimes.com

68

Langley Advance Times is a regional news media outlet serving the Langley area in British Columbia, Canada. It provides local news, community events, sports, entertainment, and obituaries, targeting local residents and readers interested in regional news. The site operates under the parent company Black Press Media, a known media group. The business model is primarily advertising and subscription-based, with a focus on community engagement and local journalism. Technically, the website uses a modern tech stack including Google Tag Manager, Google Analytics, Rubicon Project for advertising, and Marfeel SDK for mobile optimization. The CMS appears proprietary to Black Press Media. The site is mobile optimized, has good SEO practices, and loads with moderate performance. Accessibility features are basic but present. From a security perspective, the site enforces HTTPS and uses several security best practices, though some security headers are not explicitly visible. There is no visible security.txt or vulnerability disclosure policy, and cookie consent mechanisms are minimal or absent. WHOIS data for the domain is unavailable, which reduces trust slightly but the site’s professional appearance and affiliation with Black Press Media support its legitimacy. Overall, the site is a trustworthy local news source with good content quality and technical implementation. Strategic improvements in privacy compliance, security disclosures, and WHOIS transparency would enhance trust and security posture.

B

Boston Herald

bostonherald.com

64

Boston Herald is a prominent local news media organization serving the Boston, Massachusetts area, providing comprehensive coverage of news, sports, politics, entertainment, weather, and obituaries. The website demonstrates a mature digital presence with a subscription-based business model supported by a parent company, MediaNews Group. The site is well-branded and targets a general audience seeking timely and relevant local information. Technically, the site is built on WordPress and integrates multiple modern technologies including Google Tag Manager, Auth0 for authentication, and sophisticated ad and analytics platforms such as Google Ad Manager and Parsely. The site is mobile optimized and employs consent management via Osano, reflecting a commitment to privacy compliance. From a security perspective, the site enforces HTTPS, uses standard security headers, and manages cookie consent effectively. However, the absence of a public WHOIS record and lack of explicit security policies or incident response contacts slightly reduce trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Overall, Boston Herald's website is professional, secure, and compliant with privacy regulations, though improvements could be made in transparency around security policies and contact information. The domain WHOIS data absence warrants monitoring but does not currently undermine the site's legitimacy.

I

Information Week

informationweek.com

73

InformationWeek is a well-established technology news and analysis media brand founded in 1979 and currently owned by Informa PLC. The website serves IT professionals and business leaders by providing in-depth coverage of IT management, artificial intelligence, cybersecurity, cloud computing, and data privacy. It holds a strong market position as a trusted source of technology insights. Technically, the website employs a modern technology stack including JavaScript frameworks, New Relic monitoring, and various analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and content-rich, though the lack of publicly available WHOIS data slightly impacts trust scores.

A

Artha Platform | Rianta Capital Zurich

arthaimpact.com

47

Artha Impact operates as an impact investing network and platform focused primarily on social ventures in India, with a history dating back to 2007 as part of Rianta Capital advising the Singh Family Trust. The platform facilitates collaboration and capital deployment among investors, entrepreneurs, and support organizations through an invite-only online network and associated SaaS offerings. The website presents a professional and consistent brand image with clear navigation and comprehensive content about its mission, sectors of interest, and partner ecosystem. Technically, the site is built on WordPress using modern libraries such as Bootstrap and jQuery, with integration of Google Analytics, Tag Manager, and Microsoft Clarity for analytics and tracking. Security posture is generally good with HTTPS enforced, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. No contact emails or phone numbers are explicitly listed, which may impact direct communication. Overall, the domain registration data is consistent and legitimate, supporting the credibility of the business.

V

Vastuu Group

tilaajavastuu.fi

65

Vastuu Group is a Finnish technology service provider specializing in digital solutions that facilitate employee data management, compliance with labor laws, and reporting obligations primarily for the construction sector and related industries. The company offers a broad portfolio of services including Valtti+, Valttikortti, and electronic signature solutions, positioning itself as a key enabler of digital transformation and regulatory compliance in its market. Recent acquisitions such as Linnunmaa Lex indicate strategic growth and expansion of service offerings. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and integrating analytics and marketing tools such as Google Tag Manager and Facebook Pixel. The site demonstrates good performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, Vastuu Group maintains a strong posture with HTTPS enforcement, ISO 27001 certification, and comprehensive privacy and cookie policies. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public incident response policy and security.txt file suggests areas for improvement in transparency and vulnerability management. Overall, Vastuu Group presents a professional, trustworthy, and compliant digital presence aligned with its business objectives. The company is well-positioned in its sector with a clear focus on compliance, digital services, and customer support.

K

Kappa Data France

kappadata.fr

57

Kappa Data France is a value-added IT distributor specializing in network infrastructure and security solutions for businesses. Established in 1986, the company offers reliable products, technical expertise, and support services targeting IT resellers, SMEs, and large enterprises. The website reflects a mature digital presence with a professional design, multi-language support, and modern WordPress infrastructure. Security posture is solid with HTTPS and Cloudflare DNS, though explicit security headers and privacy policies are missing. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Overall, the site is trustworthy and well-positioned in the technology distribution sector.

M

Molfar Intelligence Firm

molfar.com

70

Molfar Intelligence Firm is a Ukrainian private intelligence agency specializing in OSINT investigations and business consulting across finance, government, law, and IT sectors. Established in 2012 and operational since 2019, the firm serves a global clientele with expertise in over 60 countries, focusing on markets such as CIS, USA, UK, China, and Israel. Their key offerings include background checks, litigation support, risk consulting, market research, strategic communication, military intelligence, and OSINT training through their institute. Technically, the website is built on Webflow with modern JavaScript libraries and analytics tools, hosted with Cloudflare DNS, and employs HTTPS with domain transfer lock for security. Privacy and cookie policies are comprehensive and GDPR compliant, with user consent mechanisms in place. Security posture is strong with no critical vulnerabilities detected, though DNSSEC is not enabled. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

C

CREVV

crevv.com

56

CREVV is a small, full-service creative design studio based in Kyiv, Ukraine, specializing in visual and verbal communication, branding, environment design, text, and photography. The company has a well-established online presence with a portfolio showcasing various projects, positioning itself as a professional agency in the media sector. The website is built on the Readymag platform, utilizing modern web technologies including Google Fonts, YouTube API, and Google Analytics for tracking. The site is SSL secured and hosted by Hosting Ukraine LLC, reflecting a consistent and legitimate domain registration since 2014. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture.

E

eSputnik

esputnik.com

73

eSputnik is a well-established Ukrainian SaaS company specializing in omnichannel Customer Data Platform (CDP) and marketing automation solutions. The company targets enterprise and small to large businesses seeking advanced marketing tools to unify customer data and automate communications across multiple channels including email, SMS, Viber, push notifications, and more. Their market position is supported by a decade-long presence and a client base of thousands daily. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Vuetify, integrates multiple analytics and tracking tools, and is hosted on AWS infrastructure, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and domain transfer protections, but lacks DNSSEC and visible security headers. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could improve in privacy transparency and security best practices.

P

Paimio

paimio.fi

60

Paimio.fi is the official website of the city of Paimio, a modern municipality in southwestern Finland. The site serves residents, local businesses, and visitors by providing comprehensive municipal services and information. The website is well-positioned as a local government authority, focusing on public service delivery and community engagement. The content is professionally presented, with clear descriptions of the city's offerings and a consistent branding approach. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery, DustPress, and Cookiebot for cookie consent management. It integrates Google Tag Manager and Google Analytics for visitor tracking and performance monitoring. The site demonstrates good SEO practices, mobile optimization, and basic accessibility features, contributing to a positive user experience. From a security perspective, the website enforces HTTPS and includes several security headers, reflecting a good security posture. The cookie consent mechanism complies with GDPR requirements, although explicit privacy and terms of service policies are not found in the provided content. No vulnerabilities or suspicious activities were detected, indicating a secure and trustworthy platform. Overall, Paimio.fi presents a reliable and professional municipal website with moderate technical sophistication and a solid security foundation. Strategic improvements include publishing comprehensive privacy and terms of service policies and enhancing accessibility and contact information transparency.

L

Liedon kaupunki

lieto.fi

63

Lieto.fi is the official website of the city of Lieto, Finland, providing comprehensive municipal services information, tourism, cultural events, and administrative resources. The site targets residents and visitors, offering clear navigation to services such as social care, education, urban planning, and leisure activities. The business model is that of a local government entity focused on public service delivery and community engagement. The website reflects a stable market position as a trusted municipal authority with a longstanding domain registration dating back to 1991. Technically, the site is built on WordPress with modern web technologies including Matomo analytics and Google Tag Manager, ensuring good performance, mobile responsiveness, and accessibility. Hosting appears to be managed by Elisa Oyj, a Finnish telecom provider, with reliable DNS infrastructure. The site employs HTTPS with strong SSL configuration and includes a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the website demonstrates good practices such as encrypted connections and privacy-aware analytics. However, it lacks explicit security policy documentation and incident response information, which could be improved to enhance transparency and preparedness. No critical vulnerabilities or suspicious content were detected. The WHOIS data is fully consistent with the website's municipal identity, showing no privacy protection or obfuscation, which supports trustworthiness. Overall, lieto.fi is a professionally maintained government website with solid technical and privacy compliance foundations. Strategic improvements could focus on enhancing security documentation and publishing vulnerability disclosure policies to further strengthen its security posture and public trust.

T

Turun kaupunki

turku.fi

65

The website www.turku.fi is the official digital portal for the City of Turku, Finland. It serves as a comprehensive platform providing residents, businesses, and visitors with access to municipal services, cultural events, educational resources, and administrative information. The site is well-structured, professionally designed, and offers multilingual support, reflecting a mature digital presence for a large government entity. The business model is focused on public service delivery and community engagement, positioning Turku as a transparent and accessible city administration.

C

Creamailer Oy

creamailer.fi

49

Creamailer Oy is a Finnish technology company specializing in AI-powered communication tools that integrate newsletters, surveys, and event communications into a single platform. Positioned as a cost-effective and reliable solution in the Finnish market, Creamailer targets organizations seeking efficient and scalable communication solutions. The website demonstrates a mature digital presence with modern technologies such as Google Tag Manager, Cookiebot for consent management, and Visual Website Optimizer for A/B testing and analytics. The site is well-structured, mobile-optimized, and provides comprehensive content including customer testimonials and certifications that enhance trust. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website reflects a professional and trustworthy business with good privacy compliance and user experience.

R

Riesa Consultative Oy

riesa.io

56

Riesa Consultative Oy is a Finnish consulting company specializing in accessibility and equality services. The company positions itself as Finland's leading accessibility expert, offering services such as the Accessibility Index and urban environment accessibility consulting. Their target audience includes organizations seeking to improve accessibility and inclusivity. The website is professionally designed, well-structured, and provides clear information about services and client references, supporting a strong market position in the accessibility consulting niche. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Analytics, and Google Tag Manager. The site is mobile-optimized and demonstrates good accessibility practices. Hosting and DNS are managed with Cloudflare, ensuring reliable performance and security. The site uses HTTPS with a valid SSL certificate, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. However, it lacks visible security policies, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business profile, using privacy protection services reasonably. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security posture.

E

Ekokompassi

ekokompassi.fi

75

Ekokompassi is a Finnish non-profit organization providing an industry-independent environmental management system tailored to organizations with expert assistance. The website reflects a focused service offering in environmental consultancy, targeting organizations seeking to improve their environmental practices. The domain is well-established since 2009 and registered transparently under Suomen luonnonsuojeluliitto ry, reinforcing trust and legitimacy. Technically, the site is built on WordPress with modern SEO and analytics tools, including Google Analytics, Hotjar, and Cookiebot for consent management. Security posture is good with HTTPS enforced and standard security practices, though DNSSEC is not implemented and no explicit security or incident response policies are published. Privacy compliance is basic with a cookie consent mechanism but lacks a clearly visible privacy policy or terms of service on the homepage. Overall, the site is professional, accessible, and trustworthy, with room for improvement in privacy transparency and DNS security.

V

Visit Finland

visitfinland.com

77

Visit Finland operates as the official travel guide and tourism promotion platform for Finland, providing comprehensive information about the country's nature, culture, and travel opportunities. The website serves as a key resource for tourists planning trips to Finland, offering detailed guides, event information, and cultural highlights. It is positioned as an authoritative source backed by Business Finland, the parent organization responsible for promoting Finnish business and tourism internationally. The site targets a broad audience of international travelers and tourism stakeholders. Technically, the website is built on modern web technologies including React and Next.js, ensuring fast performance, mobile responsiveness, and good accessibility. Integration with Google Tag Manager and Cookiebot indicates a mature approach to analytics and privacy compliance. The site employs HTTPS with strong security headers, reflecting a solid security posture. However, there is a lack of publicly available security policies or incident response information, which could be improved to enhance transparency. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall trustworthiness given the official branding and content quality. Strategic recommendations include publishing explicit security policies, adding vulnerability disclosure mechanisms, and verifying domain registration details for completeness. Overall, Visit Finland presents a professional, secure, and user-friendly platform that effectively supports Finland's tourism promotion objectives while maintaining good privacy and security standards.

S

SIA PURON

puron.lv

54

SIA PURON is a licensed and insured security services company operating throughout Latvia, offering a comprehensive range of technical and physical security solutions. With over 25 years of experience and a workforce exceeding 210 employees, the company serves both private and corporate clients. Their services include alarm monitoring, mobile patrols, fire safety systems, video surveillance, and security system installation and maintenance. The company holds ISO 9001:2015 certification and maintains a significant insurance coverage, reinforcing its market credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, Facebook Pixel, and Cloudflare Turnstile CAPTCHA for security and analytics. The site is well-optimized for mobile devices, features good SEO practices, and provides a smooth user experience. Security best practices are observed with HTTPS enforcement and consent-based tracking, although explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, the site lacks explicit incident response contact details and a vulnerability disclosure policy, which are recommended for enhanced security transparency. Overall, SIA PURON presents a trustworthy and professional digital presence aligned with its business operations. The domain registration details corroborate the company's legitimacy and history. Strategic improvements in security headers and incident response disclosures would further strengthen their security posture and client trust.

ERGO Lithuania is a well-established insurance provider offering a broad range of insurance products including vehicle, property, travel, life, health, and personal insurance. The company targets private individuals and businesses primarily in the Baltic region, maintaining a strong market presence with over 640,000 customers. The website reflects a professional and user-friendly digital presence, leveraging modern web technologies such as Next.js and integrating comprehensive consent management and analytics tools. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Overall, ERGO Lithuania demonstrates a mature digital infrastructure and trustworthy business operations with room for improvement in transparency around security and vulnerability disclosures.

S

Synology Inc.

synology.com

76

Synology Inc. is a prominent technology company specializing in network-attached storage (NAS), data management, backup, surveillance, networking, and cloud solutions. The company positions itself as a leader in providing scalable and secure data management platforms for both business and individual users. Their website reflects a mature digital presence with comprehensive product offerings, customer resources, and a strong emphasis on data security and privacy. Technically, the site employs modern JavaScript frameworks such as Vue.js and jQuery, integrates Google Tag Manager for analytics, and uses LiveChat for customer engagement. The site is well-optimized for mobile devices and provides clear navigation and professional design. From a security perspective, Synology demonstrates good practices including HTTPS enforcement, detailed privacy and cookie policies with consent mechanisms, and public disclosure of security programs such as a bounty program. No critical vulnerabilities or exposed sensitive data were detected in the website content. WHOIS data for the domain is unavailable or restricted, which is common for privacy-conscious enterprises, but the website content and external trust signals strongly support the legitimacy of the domain. Overall, Synology's website reflects a robust security posture, strong privacy compliance, and a high level of business credibility. The company effectively communicates its value proposition and maintains transparency in security and data protection matters, making it a trustworthy technology provider in its market segment.

S

Switch

switch.com

57

Switch is a global technology company specializing in the design, construction, and operation of ultra-advanced data centers that enable powerful technology ecosystems. The company positions itself as a world-renowned leader in the data center industry, targeting technology enterprises and organizations requiring high-performance infrastructure solutions. The website reflects a mature digital presence with professional design and comprehensive content focused on their core business offerings. Technically, the site is built on WordPress using the Divi theme and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, indicating a sophisticated approach to user engagement and data collection. Security-wise, the site uses HTTPS and Google reCAPTCHA for form protection, but lacks visible security headers and published security policies, which are areas for improvement. The absence of WHOIS data for the domain www.switch.com is a notable gap, reducing trust from a domain registration perspective despite the professional website content. Overall, the site demonstrates strong business credibility and technical implementation but would benefit from enhanced privacy compliance and security transparency.

D

DEKORHOME, s.r.o.

dekorhome.sk

50

DEKORHOME, s.r.o. operates an e-commerce platform specializing in furniture, home accessories, garden products, and design items primarily targeting the Slovak market. The website presents a professional and consistent brand image with a clear focus on quality and customer service. The technical infrastructure leverages modern marketing and analytics technologies such as Google Tag Manager, Facebook Pixel, and Bing Ads, hosted on a CDN-backed platform (searchready.cz) with good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit privacy and terms policies are missing, which impacts compliance. Overall, the domain registration and business information are consistent and trustworthy, supporting a medium-sized retail operation.

R

RIKA Innovative Ofentechnik GmbH

rika.de

53

RIKA Innovative Ofentechnik GmbH is an Austrian manufacturer specializing in high-quality pellet and wood-burning stoves, offering innovative heating solutions with a strong emphasis on efficiency and smart home integration. The company maintains a solid market position with a medium-sized operation and an international presence supported by a dealer network and online configurator tools. Their website reflects a professional and user-friendly digital presence with comprehensive product information and customer engagement features such as newsletters and social media integration. Technically, the site leverages modern JavaScript libraries and CDN hosting to ensure fast performance and mobile optimization. Security practices include HTTPS enforcement, reCAPTCHA for forms, and consent management via Cookiebot, although some security headers and explicit incident response policies are absent. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements, making it a reliable digital asset for the company.

V

Volontaires.lu

volontaires.lu

52

Volontaires.lu is a Luxembourg-based volunteer service platform aimed at engaging youth in meaningful volunteer projects both locally and internationally. The website serves as an informational hub providing access to volunteer programs, mission listings, and training opportunities. It appears to be affiliated with government or official entities, supported by the presence of government logos and social media channels. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and uses Google Tag Manager and Matomo for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data is unavailable due to a malformed query, which slightly reduces trustworthiness but does not negate the legitimacy suggested by the content and branding. Overall, the site is professional and trustworthy but could enhance compliance and security transparency.

Т

ТОВ "АІН"

ain.ua

72

AIN.ua is a leading Ukrainian online media platform specializing in IT, business, startups, and investment news. Established in 1999, it holds a strong market position as the oldest and most trusted media outlet in its niche within Ukraine. The website offers a wide range of content including news articles, analytical reports, interviews, and special projects targeting IT professionals, entrepreneurs, investors, and the broader business community. Its business model primarily revolves around digital publishing supported by advertising and sponsored content. Technically, the website employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Microsoft Clarity for analytics, and Facebook Pixel for marketing. It uses asynchronous loading for performance optimization and is mobile-optimized with good SEO practices. The platform appears to be custom-built without reliance on common CMS platforms, indicating a tailored infrastructure. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site enforces HTTPS and uses several tracking and advertising scripts responsibly. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly declared, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Contact information is limited but includes a feedback email for technical issues. Overall, AIN.ua presents a professional, trustworthy, and content-rich platform with a solid security posture and compliance framework. Strategic recommendations include enhancing security headers, publishing a formal security policy, and expanding contact channels to improve incident response readiness and user trust.

A

Aittakoodi Oy

synergybus.fi

44

SynergyBus, operated by Aittakoodi Oy, is a Finnish web platform specializing in connecting taxi and bus companies with customers seeking chartered transportation services. The platform aggregates over 15,000 annual booking requests, positioning itself as a leading service in the Finnish transportation sector. The website offers features such as daily email notifications of new requests, the ability to advertise available fleet capacity, and tools to foster long-term customer relationships. The business targets transportation operators and customers within Finland, emphasizing efficiency and market reach.

R

Rideer Nordic Oy

tilausajot.net

52

Tilausajot.net, operated by Rideer Nordic Oy, is a well-established Finnish online platform specializing in competitive bidding for charter taxi and bus transportation services. Founded in 2011, it serves a broad audience including private individuals, companies, and associations across Finland. The platform facilitates efficient request and offer management, supported by a growing network of transportation providers. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Maps API, and Cloudflare for security and performance. It integrates comprehensive analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, balanced with a detailed cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and Cloudflare protection, though some security headers could be improved. The domain registration is consistent and transparent, reinforcing business legitimacy. Overall, the site presents a professional, trustworthy, and user-friendly service with good privacy and security practices.

A

Aittakoodi Oy

tilaataksi.fi

55

Tilaataksi.fi is a Finnish online taxi booking platform operated by Aittakoodi Oy, providing customers with a convenient way to pre-book taxis and receive competitive offers from taxi operators across Finland. The service targets both private individuals and organizations, offering a streamlined multi-step form for detailed ride requests. The platform is supported by Rideer Nordic Oy and integrates with various third-party services for analytics, customer support, and hosting. Technically, the website uses modern frameworks like Bootstrap and jQuery, with performance and mobile optimization rated as good. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms in place. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business information presented on the site.

F

Finnair

finnair.fi

77

Finnair is a well-established Finnish airline providing passenger flights and travel services to over 80 destinations worldwide. The company holds a strong market position in Northern Europe and operates with a large-scale business model supported by subsidiaries such as Norra and Finnair Cargo. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to a general audience of travelers. The technical infrastructure leverages modern web technologies including Angular, Google Tag Manager, and Akamai CDN, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although public incident response and vulnerability disclosure information are limited. Privacy compliance is well addressed with detailed policies and consent mechanisms aligned with GDPR requirements. Overall, the website and business demonstrate high professionalism and trustworthiness, despite the absence of WHOIS domain registration details which may be due to registry restrictions.

OnniBus operates as a leading Finnish bus ticket sales platform, offering affordable and reliable bus travel across Finland and to international destinations such as the Baltics and Poland. The company positions itself as a well-known and cheerful brand in the Finnish transportation market, providing various ticketing options including season passes and reward programs. The website is professionally designed with good mobile optimization and clear navigation, supporting a positive user experience. Technically, the site employs modern analytics and consent management tools such as Google Analytics, Microsoft Clarity, and Cookiebot, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data is a notable anomaly, potentially due to privacy protection or recent domain registration, but the website content and business presence support legitimacy. Overall, the site demonstrates a strong business and technical foundation with moderate risk due to incomplete WHOIS transparency.

M

Trusted Magento 2 Extensions‎ by Magezon

magezon.com

73

Magezon is a specialized provider of Magento 2 extensions and related e-commerce services, targeting Magento store owners and developers. The company offers a wide range of products including page builders, form builders, mega menus, and other Magento 2 enhancements, supported by installation and custom development services. Their market position is that of a trusted Magento extension vendor emphasizing quality, support, and continuous updates. Technically, the website is built on Magento 2 platform with modern JavaScript libraries and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. Security posture is good with HTTPS enforced and secure form handling, though some security headers are not explicitly detected. Privacy compliance is basic with a refund policy present but no explicit cookie consent or privacy policy page found. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy, though the website content and business information appear professional and consistent. Overall, Magezon presents a credible e-commerce software business with room for improvement in privacy and security transparency.

K

Kappa Data France

exer.fr

57

Kappa Data France is a value-added IT distributor specializing in network infrastructure and security solutions, serving businesses and IT resellers primarily in France and neighboring countries. The company has a strong market presence with over 20 years of experience and offers a portfolio of reliable IT products, technical expertise, and training services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern performance optimizations and uses Cloudflare DNS services. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, but lacks published security policies and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned but would benefit from enhanced compliance and security transparency.

K

Kappa Data

kappadata.pl

68

Kappa Data is a value-added distributor (VAD) specializing in networking, security, and IoT solutions primarily serving the Polish market. The company offers technical and sales support, ongoing training, and consulting services, partnering with reputable manufacturers to deliver innovative IT solutions to businesses and institutions. The website reflects a professional and consistent brand presence with multilingual support and a focus on IT infrastructure and cybersecurity expertise. Technically, the site is built on WordPress with modern performance optimizations such as lazy loading and asynchronous script loading. Security posture is generally good with HTTPS enforced, but lacks explicit security headers and formal privacy or cookie policies. WHOIS data is unavailable from the Polish registry, which slightly impacts trust but the website content and structure support legitimacy. Overall, the site is well-positioned in its market segment with room for improvement in privacy compliance and security transparency.

K

Kappa Data

kappadata.nl

74

Kappa Data is a well-established Value-Added Distributor specializing in IT network, security, and IoT solutions primarily serving B2B IT partners in the Netherlands, Belgium, France, and Poland. Founded in 1998, the company has over two decades of experience and offers a broad portfolio including network infrastructure, security, IoT connectivity, training, and technical services. Their market position is solid within the regional IT distribution sector, supported by a professional and multilingual web presence. Technically, the website is built on WordPress using modern plugins and optimization tools, delivering moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and published security policies is noted. Privacy compliance is lacking as no privacy or cookie policies are found, representing a compliance risk. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.